From 9095b54331eeb00ab5cce1e0017a721a1cf62c8f Mon Sep 17 00:00:00 2001 From: Daniel McKnight Date: Tue, 19 Nov 2024 15:22:24 -0800 Subject: [PATCH] Refactor permissions checks to match changes made to neon-data-models --- neon_users_service/mq_connector.py | 6 +++--- requirements/requirements.txt | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/neon_users_service/mq_connector.py b/neon_users_service/mq_connector.py index f23eb46..576d523 100644 --- a/neon_users_service/mq_connector.py +++ b/neon_users_service/mq_connector.py @@ -56,8 +56,8 @@ def parse_mq_request(self, mq_req: dict) -> dict: auth_user = self.service.read_authenticated_user( mq_req.auth_user_spec, mq_req.password, mq_req.access_token) - if auth_user.permissions.diana < AccessRoles.ADMIN and \ - auth_user.permissions.diana != AccessRoles.READ_USERS: + if auth_user.permissions.users < AccessRoles.USER and \ + auth_user.permissions.users != AccessRoles.RW_USERS: raise PermissionError(f"User {auth_user.username} does " f"not have permission to read " f"other users") @@ -67,7 +67,7 @@ def parse_mq_request(self, mq_req: dict) -> dict: # Get the authenticating user, maybe raising an AuthenticationError auth = self.service.read_authenticated_user(mq_req.auth_username, mq_req.auth_password) - if auth.permissions.diana < AccessRoles.ADMIN: + if auth.permissions.users < AccessRoles.ADMIN: if auth.user_id != mq_req.user.user_id: raise PermissionError(f"User {auth.username} does not " f"have permission to modify " diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 0c5de65..db2a9dd 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -1,4 +1,4 @@ pydantic~=2.0 ovos-config~=0.1 ovos-utils~=0.0 -neon-data-models \ No newline at end of file +neon-data-models @ git+https://github.com/neongeckocom/neon-data-models@FEAT_UpdateUserDbCRUDOperations \ No newline at end of file